There are services for executing information processes such as a database process and a transaction process in response to requests from users. In order for a user to use a service, user authentication is executed to confirm whether or not the user is a person who has a right to receive the service. For the user authentication, account information that includes a user identification (ID) and a password is used.
The account information with the password encrypted is stored in an authentication apparatus for determining whether to authenticate users. Methods for encrypting passwords for services may vary depending on the services. Thus, if the user changes a certain service used by the user to another service to be used by the user, and methods for encrypting passwords for the services are different, account information for the certain service used before the change is unable to be used as account information for the other service to be used after the change. There is a method for issuing a tentative password to the user in order to log into the service to be used after the change and causing the user to perform a change operation for the change from the certain service to the other service.
As a related technique, there is an authentication changing apparatus that has a database for storing new authentication information, old authentication information used for a service previously used, and change information representing whether or not a change of authentication is confirmed and approved, for example. When a user accesses the authentication changing apparatus, the authentication changing apparatus receives the new authentication information or the old authentication information from the user, executes user authentication, and updates the change information.
Japanese Laid-open Patent Publication No. 2012-137932 is an example of related art.